Navigazzjoni
RĠPD (GDPR) > Premessa 63
Download PDF

Premessa 63

Recital 63

(63) Suġġett tad-data għandu jkollu d-dritt ta’ aċċess għal data li tkun inġabret dwaru, u li jeżerċita dak id-dritt faċilment u f’intervalli raġonevoli, sabiex ikun jaf dwar, u jivverifika, il-legalità tal-ipproċessar.

Dan jinkludi d-dritt tas-suġġetti tad-data li jkollhom aċċess għad-data dwar saħħithom, pereżempju d-data fir-reġistri mediċi tagħhom li jkun fihom informazzjoni bħal dijanjosi, riżultati ta’ eżamijiet, valutazzjonijiet mit-tobba li qed jittrattawhom u kwalunkwe kura jew intervent ipprovdut.

Kull suġġett tad-data għandu għalhekk ikollu d-dritt li jkun jaf u jikseb komunikazzjoni b’mod partikolari fir-rigward tal-għanijiet li għalihom tkun qiegħda tiġi pproċessata d-data personali, fejn possibbli il-perijodu li għalih id-data personali tiġi pproċessata, ir-riċevituri tad-data personali, il-loġika involuta fi kwalunkwe pproċessar awtomatiku tad-data personali u, għallinqas meta bbażata fuq it-tfassil ta’ profili, il-konsegwenzi ta’ dan l-ipproċessar.

Fejn possibbli, il-kontrollur għandu jkun jista’ jipprovdi aċċess mill-bogħod għal sistema sikura li tipprovdi lis-suġġett tad-data b’aċċess dirett għad-data personali tiegħu.

Dak id-dritt ma għandux jaffettwa negattivament id-drittijiet jew il-libertajiet ta’ persuni oħrajn, inklużi sigrieti tan-negozju jew proprjetà intellettwali u b’mod partikolari d-dritt tal-awtur li jipproteġi s-software.

Madankollu, ir-riżultat ta’ dawn il-kunsiderazzjonijiet m’għandux ikun rifjut li tiġi provduta l-informazzjoni kollha lis-suġġett tad-data.

Fejn il-kontrollur jipproċessa kwantità kbira ta’ informazzjoni rigward is-suġġett tad-data, il-kontrollur għandu jkun jista’ jitlob li qabel ma tingħata din l-informazzjoni, is-suġġett tad-data jispeċifika l-informazzjoni jew l-attivitajiet ta’ pproċessar li għalihom tkun tirreferi t-talba.

(63) A data subject should have the right of access to personal data which have been collected concerning him or her, and to exercise that right easily and at reasonable intervals, in order to be aware of, and verify, the lawfulness of the processing.

This includes the right for data subjects to have access to data concerning their health, for example the data in their medical records containing information such as diagnoses, examination results, assessments by treating physicians and any treatment or interventions provided.

Every data subject should therefore have the right to know and obtain communication in particular with regard to the purposes for which the personal data are processed, where possible the period for which the personal data are processed, the recipients of the personal data, the logic involved in any automatic personal data processing and, at least when based on profiling, the consequences of such processing.

Where possible, the controller should be able to provide remote access to a secure system which would provide the data subject with direct access to his or her personal data.

That right should not adversely affect the rights or freedoms of others, including trade secrets or intellectual property and in particular the copyright protecting the software.

However, the result of those considerations should not be a refusal to provide all information to the data subject.

Where the controller processes a large quantity of information concerning the data subject, the controller should be able to request that, before the information is delivered, the data subject specify the information or processing activities to which the request relates.